def from_dict(kdict: dict):
client_id = ClientId(kdict.get("client_id")) if kdict.get("client_id") else None
user_id = UserId(kdict.get("user_id")) if kdict.get("user_id") else None
correlation_id = (
ClientId(kdict.get("correlation_id"))
if kdict.get("correlation_id")
else None
)
ip = kdict.get("ip")
return InfoId(
client_id=client_id, user_id=user_id, correlation_id=correlation_id, ip=ip
)
def from_token_payload(token_payload: dict):
return Token(
client_id=ClientId(token_payload.get("cli")),
user_id=UserId(token_payload.get("sub"))
if token_payload.get("sub")
else None,
token_type=token_payload.get("typ"),
)
def from_strings(
client_id: str = None,
user_id: str = None,
correlation_id: str = None,
ip: str = None,
):
return InfoId(
ClientId(client_id) if client_id else None,
UserId(user_id) if user_id else None,
CorrelationId(correlation_id) if correlation_id else None,
ip,
)
def update_from_headers(self, headers: Dict[str, str]):
if headers:
client_id = headers.get("X-Onboarding-Clientid")
user_id = headers.get("X-Onboarding-Userid")
correlation_id = headers.get("X-Correlation-Id")
ip = headers.get("X-Forwarded-For")
self.client_id = ClientId(client_id) if client_id else self.client_id
self.user_id = UserId(user_id) if user_id else self.user_id
self.correlation_id = (
CorrelationId(correlation_id) if correlation_id else self.correlation_id
)
self.ip = ip if ip else self.ip
return self
def retrieve(self, client_id: ClientId,
user_id: UserId) -> Result[User, Error]:
with self.session_scope() as session:
user_model = (session.query(self.UserModel).filter(
self.UserModel.client_id == client_id.value).filter(
self.UserModel.user_id == user_id.value).first())
if not user_model:
return Failure(UserNotFoundError(user_id))
return Success(
User(
name=Name(user_model.name),
client_id=ClientId(user_model.client_id),
user_id=UserId(user_model.user_id),
))
def retrieve(self, client_id: ClientId,
user_id: UserId) -> Result[User, Error]:
with self.collection_context() as collection:
user_doc = collection.find_one({
"user_id": user_id.value,
"client_id": client_id.value
})
if user_doc:
return Success(
User(
name=Name(user_doc.name),
client_id=ClientId(user_doc.client_id),
user_id=UserId(user_doc.user_id),
))
else:
return Failure(UserNotFoundError(user_id))
def random():
return InfoId(
ClientId("petisco-client"), UserId.generate(), CorrelationId.generate()
)
def controller():
user_id = ClientId("<script>evil()</script>")
return Success(user_id)
def test_should_declare_a_name_with_js_injection():
with pytest.raises(GivenInputIsNotValidError):
ClientId("<script>evil()</script>")
def test_should_declare_a_name_that_exceeds_default_length_limits():
with pytest.raises(ExceedLengthLimitValueObjectError):
ClientId(
"La Corporación Acme es una empresa ficticia, que existe en el universo de los Looney Tunes. Apareció la mayor cantidad de veces en las caricaturas de El Coyote y el Correcaminos, que hicieron famosa a Acme por sus productos peligrosos y poco reales, los cuales fallaban catastróficamente de las peores maneras."
)
def test_should_declare_a_client_id_with_empty_string():
value = ""
client_id = ClientId(value)
assert isinstance(client_id, ClientId)
assert client_id.value == value
def test_should_declare_a_valid_client_id():
value = "Acme"
client_id = ClientId(value)
assert isinstance(client_id, ClientId)
assert client_id.value == value
def given_any_client_id() -> ClientId:
return ClientId("petisco-client")
import pytest
from petisco.domain.value_objects.client_id import ClientId
from petisco.domain.value_objects.user_id import UserId
from petisco.security.token_decoder.token_decoder import TokenDecoder
@pytest.mark.unit
@pytest.mark.parametrize(
"type_token,client_id,user_id",
[
("ADMIN_TOKEN", ClientId("client-id"), None),
("ADMIN_TOKEN", ClientId("client-id"), UserId.generate()),
("BACKEND_TOKEN", ClientId("client-id"), UserId.generate()),
],
)
def test_should_decode_a_token_successfully(type_token, client_id, user_id,
given_auth_token_headers_creator):
auth_token = given_auth_token_headers_creator(type_token, client_id,
user_id)["Authorization"]
token_decoder = TokenDecoder()
token = token_decoder.execute(auth_token).unwrap()
assert token.token_type == type_token
assert token.client_id == client_id
assert token.user_id == user_id